Error opening Management Interface


I just started the Certified Chef Developer Basic Chef Fluency Badge course on
During the Chef Server section I executed the following steps.

rpm -Uvh chef-server-core-12.16.14-1.el7.x86_64.rpm
chef-server-ctl reconfigure
chef-server-ctl user-create ‘’ --filename -user-rsa
chef-server-ctl org-create ‘’ --association_user –filename -validator.pem
chef-server-ctl install chef-manage
chef-server-ctl reconfigure
chef-manage-ctl reconfigure

When I try to open the URL http://<server IP>/login I get the error: SEC_ERROR_REUSED_ISSUER_AND_SERIAL

chef-server-ctl test produced no errors

Finished in 2 minutes 57.4 seconds (files took 13.86 seconds to load) 156 examples, 0 failures, 2 pending

What would be the next steps to troubleshoot this further?


The error indicates that the certificate contains the same serial number as another certificate issued by the certificate authority.

So I deleted the certificate and key from /var/opt/opscode/nginx/ca and ran chef-server-ctl reconfigure and chef-manage-ctl reconfigure again.
Unfortunately, I got the same error.


When I connect locally using openssl I get a different error.
Command: openssl s_client -connect localhost:443
When I enter

Host: localhost

I get a different error:

HTTP/1.1 502 Bad Gateway
Server: openresty/
Date: Sat, 23 Sep 2017 21:30:28 GMT
Content-Type: text/html
Content-Length: 179
Connection: keep-alive


After looking in the nginx.conf I found /var/opt/opscode/nginx/etc/addon.d/30-chef-manage_upstreams.conf
This contains:

upstream chef_manage_webapp {

When I run ss -lntp I do not see a listening socket for 9462.


After having generated a new self signed certificate manually, I no longer get the error SEC_ERROR_REUSED_ISSUER_AND_SERIAL.

Now I can see the error 502 Bad Gateway in my browser.instead of just when I use the openssl client


The file /var/log/chef-manage/web/current is filled with ‘ERROR’ lines

I also noticed 5+ wait stats.